Everoute
Networking and security for both virtualization and Kubernetes workloads.

Everoute provides software-defined network and security capabilities. It offers functionalities such as the distributed firewall, network load balancer, virtual private cloud (VPC) networking, and container network, and supports both virtualized and containerized apps, forming a unified network and security solution.

Distributed Firewall
Everoute Distributed Firewall (DFW) is a network security feature provided by the Everoute service on SmartX's native virtualization platform ELF. It implements a micro-segmented network model adhering to the zero trust principle, and extends multiple distributed firewall policies to safeguard individual virtual machines from cybersecurity threats, thus offering a flexible, fine-grained, and robust security solution for a wide range of services.
Why Everoute Distributed Firewall
Implementing Zero-Trust. Enforce least privilege access via allow policy and achieve automatic policy adherence for comprehensive, blind spot-free security.
Simplifying Management. Security policies are business-aware based on VM labels and security groups, simplifying the management of different policies.
Rapid Response to Alerts. Quickly respond to VM security events and prevent security threats from spreading with “one-click isolation”.
Features
Allow Policy Mode
Only allow data flows explicitly permitted by the policy, ensuring east-west traffic between virtual machines adheres to the least privilege principle.
Sticky Policies
Security policies can follow virtual machines as they migrate automatically from host to host, cluster to cluster, without the need to reset them. Security policies are enforced independent of physical host, segment, and IP address of the virtual machine.
VM Labels and Security Groups
Tag virtual machines with “labels” and “security groups” to provide a clear view of security policies. VMs can be dynamically assigned to “security groups” based on label or label combinations, simplifying security policies for non-contiguous IP addresses.
Hybrid Security Policy
Supports configuring both allowlist and blocklist policies simultaneously, enhancing flexibility and simplifying security management.
“One-Click Isolation” of Suspected VMs
Isolate suspected and infected VMs with one click, and set dedicated access policies for them so that further operations such as shutdown and recovery can be carried out.
Automated API-Based Security Management
Supports API-based automation. The security management center can quickly issue and update security policies.
Use Cases
Load Balancer
Everoute Load Balancer (LB) is a network feature provided by the Everoute service on SmartX's native virtualization platform ELF. Deployed in hyperconverged clusters, it offers load-balancing services for applications on virtual machines, containers, and physical servers.
Why Everoute Load Balancer
Software-defined. Achieves network virtualization purely through software, with no extra need to purchase, deploy, or maintain dedicated hardware devices or adjust physical network configurations.
Simple operations and maintenance. Integrates load balancing functions into the hyperconverged platform, enabling convenient management of both the infrastructure and load balancer on the CloudTower GUI.
High availability & efficiency. Achieves high availability and efficiency through a combination of active-active and active-standby mechanisms, preventing single points of failure and improving service performance quality.
Flexible adaptation. Provides load-balancing services for applications running in different locations and forms.
Features
Rich load balancing algorithms
Provides a variety of load balancing algorithms to cater to the diverse demands of multiple application scenarios, including round-robin, weighted round-robin, least connections, weighted least connections, source IP address hash, and destination IP address hash.
Comprehensive and proactive health check
Periodically performs proactive health checks on the backend servers via TCP, HTTP, UDP, ICMP protocols. Supports configuring multiple health monitors for the same group of backend servers, enabling a thorough and comprehensive health assessment on server pools.
Diverse address translation methods
Offers FullNAT and DNAT for flexible address translation choices. Different virtual services within the same cluster can use different address translation methods.
Application traffic control and concurrent connection management
Allows for setting inbound and outbound traffic limits for virtual services, and regulating the number of concurrent connections between clients and virtual services at a time. This prevents any single virtual service or client from monopolizing excessive resources, ensuring a balanced resource allocation and mitigating the impact of DoS attacks on the system.
Access control via allowlists and blocklists
Manages client IP addresses with allowlists and blocklists to enhance system security and robustness, safeguarding service resources from malicious requests and potential disruptions.
Application scenarios
Everoute load balancer can accommodate a wide range of protocols based on TCP/UDP, including but not limited to FTP, iSCSI, NFS, MySQL, Oracle Net8, SMB, SMTP, LDAP, Syslog, and more. It is suitable for applications demanding high performance, high concurrency, low latency, and continuous availability with long-lasting connections. It can also be deployed in various environments:
Virtualized environment
In a virtualized environment, Everoute load balancer can support a multitude of application operations on a virtualization platform, and streamline traffic routing via flexible associations with different virtual networks.
VPC Networking
Everoute VPC networking is our virtualized network product that provides secure and isolated network space for virtual machines in SmartX enterprise cloud environments. It enables secure interconnections inside and outside the virtual network through virtualized network functions (VNFs), allowing you to quickly and flexibly deploy unified enterprise cloud networks across multiple data centers.
Why Everoute VPC Networking
Broad compatibility. Implement virtualized networks on a wide range of standard servers and network hardware. Different clusters can use different CPU architectures.
Fast network readiness. Rapidly create diverse virtualized network topologies and network services to accelerate network readiness and meet application agility requirements.
Cross-site high availability. Cloud servers can be replicated and migrated to other data centers or sites to achieve lower RTO in disaster recovery scenarios.
Unified management. Manage, configure, monitor, and maintain cloud servers and networks on a user-friendly graphical interface to improve management efficiency.
Features
Customized Logically Isolated Space
Enables customizing logically isolated VPCs, allowing you to create dedicated VPC resources, manage subnets, allocate IP addresses, and autonomously control network traffic with gateway services and security services.
Rich Gateway Services
Supports configuring floating IP gateways, NAT gateways, Layer 3 routing gateways, Layer 2 bridging gateways, etc., enabling flexible interconnection between virtual machines and external networks to meet the requirements of different applications.
Well-Defined Traffic Planning
Supports configuring routing tables and routing rules for VPC subnets to route traffic heading for destination addresses to specified next-hop gateway services, allowing you to manage VPC traffic models with convenience and ease.
Reliable Network Security Protection
Supports setting distributed firewalls for VPCs, which offers service-aware security policies based on security groups, allowlisting mechanisms that secure east-west traffic between virtual machines, and one-click quarantine of infected VMs.
Open Cloud Network Collaboration Mode
Seamlessly connects with various cloud platforms through open APIs, providing enterprises with automated and flexible network configuration options to better support agile cloud applications.
Use Cases
  • Application Security Guarantee
  • Application-Oriented Cloud Network
  • High Availability
Application Security Guarantee
Safeguards application access and achieves network isolation among different applications or tenants in a cloud or virtualized environment. Reduces potential security threats and the risk of data leakage while ensuring flexibility, agility, high efficiency, and low total cost.